用了这么多年squid走过无数的弯路，现在将我们优化的squid配置文件分享给大家，虽然谈不上很强大，能负载多少多少，但是基本上运行很稳定，希望能够帮到一些正在使用squid的兄弟姐妹们...

#
# User Squid
#

#
# Recommended minimum configuration:
#

http_port 80 accel vhost vport

#------------------------------------------------------------------------------
#第一台服务器
cache_peer 118.100.100.133 parent 80 0 no-query originserver weight=1 name=xxcdn
cache_peer_domain xxcdn .xxcdn.com
#------------------------------------------------------------------------------
#第二台服务器
cache_peer 118.100.100.138 parent 80 0 no-query originserver weight=1 name=jwcdn
cache_peer_domain jwcdn .junww.com

#------------------------------------------------------------------------------
#让所有未绑定前面服务器的域名全部指向下面这台服务器：
cache_peer 100.100.100.130 parent 20080 0 no-query originserver weight=1 name=cdnzz
cache_peer_domain cdnzz .com .cn .net .org .cc .us .hk .la .pw

#------------------------------------------------------------------------------

coredump_dir /usr/local/squid/var/cache/squid
cache_log /usr/local/squid/var/logs/cache.log
access_log /usr/local/squid/var/logs/access.log squid
cache_dir ufs /usr/local/squid/var/caches/ 50000 16 256

#------------------------------------------------------------------------------

visible_hostname znncnn.com
cache_mgr web@junww.com
cache_mem 512 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 51200 KB
maximum_object_size_in_memory 512 KB
minimum_object_size 0 KB
ipcache_size 16380
ipcache_low 80
ipcache_high 90
logfile_rotate  30
httpd_suppress_version_string off

forward_timeout 20 seconds
connect_timeout 15 seconds
acl OverConnLimit maxconn 128

hierarchy_stoplist cgi-bin ?
hierarchy_stoplist -i ^https:\\ ?
acl QUERY urlpath_regex -i cgi-bin \? \.asp .\php \.aspx \.php \.jsp \.cgi
acl DIRECT url_regex -i ^http:////www/.xxx/.com//.php$
acl DIRECT url_regex -i ^http:////www/.xxx/.com//.htm$
acl DIRECT url_regex -i ^http:////www/.xxx/.org//.html$
acl denyssl urlpath_regex -i ^https:\\
no_cache deny QUERY
no_cache deny denyssl
cache deny DIRECT
max_open_disk_fds 0
relaxed_header_parser on
half_closed_clients off
buffered_logs on

vary_ignore_expire on

#------------------------------------------------------------------------------
reply_header_access Via deny all
reply_header_access Cache-Control deny all
reply_header_access Server deny all
reply_header_access X-Squid-Error deny all
reply_header_access X-Forwarded-For deny all
request_header_access Via deny all
request_header_access Age deny all
request_header_access X-Squid-Error deny all
request_header_access Pragma deny all
#request_header_access X-Forwarded-For deny all
#------------------------------------------------------------------------------
acl babaicode dstdomain www.xxx.com
no_cache deny babaicode

acl bbcom dstdomain .xxx.com
cache deny bbcom
#------------------------------------------------------------------------------

acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines

acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access allow all
http_access deny all

#------------------------------------------------------------------------------------

refresh_pattern ^proxy:           60        20%        10080
refresh_pattern ^gopher:        60        0%        1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern -i \.htm$ 10 50% 60 reload-into-ims
refresh_pattern -i \.html$ 10 50% 60 reload-into-ims
refresh_pattern -i \.shtml$ 10 50% 60 reload-into-ims
refresh_pattern -i \.js$ 10 50% 60 reload-into-ims
refresh_pattern -i \.css$ 10 50% 60 reload-into-ims
refresh_pattern -i \.jpg$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.png$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.gif$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.bmp$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.mp3$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.mp4$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.wmv$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.rm$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.swf$ 1440 20% 2880 reload-into-ims
refresh_pattern -i \.mpeg$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.wma$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.rar$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.zip$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.7z$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.pdf$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.exe$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.doc$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.txt$ 1440 50% 2880 reload-into-ims
refresh_pattern .               0       20%     4320